View Javadoc
1 package org.apache.turbine.modules; 2 3 /* ==================================================================== 4 * The Apache Software License, Version 1.1 5 * 6 * Copyright (c) 2001 The Apache Software Foundation. All rights 7 * reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. The end-user documentation included with the redistribution, 22 * if any, must include the following acknowledgment: 23 * "This product includes software developed by the 24 * Apache Software Foundation (http://www.apache.org/)." 25 * Alternately, this acknowledgment may appear in the software itself, 26 * if and wherever such third-party acknowledgments normally appear. 27 * 28 * 4. The names "Apache" and "Apache Software Foundation" and 29 * "Apache Turbine" must not be used to endorse or promote products 30 * derived from this software without prior written permission. For 31 * written permission, please contact apache@apache.org. 32 * 33 * 5. Products derived from this software may not be called "Apache", 34 * "Apache Turbine", nor may "Apache" appear in their name, without 35 * prior written permission of the Apache Software Foundation. 36 * 37 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 38 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 39 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 40 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR 41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 43 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 44 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 46 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 47 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 48 * SUCH DAMAGE. 49 * ==================================================================== 50 * 51 * This software consists of voluntary contributions made by many 52 * individuals on behalf of the Apache Software Foundation. For more 53 * information on the Apache Software Foundation, please see 54 * <http://www.apache.org/>;. 55 */ 56 57 // Turbine Utility Classes 58 import org.apache.turbine.util.RunData; 59 60 // ECS Classe 61 import org.apache.ecs.ConcreteElement; 62 import org.apache.ecs.Entities; 63 import org.apache.ecs.filter.CharacterFilter; 64 65 /*** 66 * This is an interface that defines the Screen modules. 67 * 68 * @author <a href="mailto:mbryson@mont.mindspring.com">Dave Bryson</a> 69 * @version $Id: Screen.java,v 1.1.1.1 2001/08/16 05:08:30 jvanzyl Exp $ 70 */ 71 public abstract class Screen extends Assembler 72 { 73 private static final CharacterFilter filter = htmlFilter(); 74 private static final CharacterFilter minFilter = htmlMinFilter(); 75 76 /*** 77 * A subclass must override this method to build itself. 78 * Subclasses override this method to store the screen in RunData 79 * or to write the screen to the output stream referenced in 80 * RunData. 81 * 82 * @param data Turbine information. 83 * @exception Exception a generic exception. 84 */ 85 protected abstract ConcreteElement doBuild( RunData data ) 86 throws Exception; 87 88 /*** 89 * Subclasses can override this method to add additional 90 * functionality. This method is protected to force clients to 91 * use ScreenLoader to build a Screen. 92 * 93 * @param data Turbine information. 94 * @exception Exception a generic exception. 95 */ 96 protected ConcreteElement build( RunData data ) 97 throws Exception 98 { 99 return doBuild( data ); 100 } 101 102 /*** 103 * If the Layout has not been defined by the Screen then set the 104 * layout to be "DefaultLayout". The Screen object can also 105 * override this method to provide intelligent determination of 106 * the Layout to execute. You can also define that logic here as 107 * well if you want it to apply on a global scale. For example, 108 * if you wanted to allow someone to define Layout "preferences" 109 * where they could dynamicially change the Layout for the entire 110 * site. The information for the request is passed in with the 111 * RunData object. 112 * 113 * @param data Turbine information. 114 * @return A String with the Layout. 115 */ 116 public String getLayout(RunData data) 117 { 118 return data.getLayout(); 119 } 120 121 /*** 122 * Set the layout for a Screen. 123 * 124 * @param data Turbine information. 125 * @param layout The layout name. 126 */ 127 public void setLayout( RunData data, String layout ) 128 { 129 data.setLayout(layout); 130 } 131 132 /*** 133 * This function can/should be used in any screen that will output 134 * User entered text. This will help prevent users from entering 135 * html (<SCRIPT>) tags that will get executed by the browser. 136 * 137 * @param s The string to prepare. 138 * @return A string with the input already prepared. 139 */ 140 public static String prepareText(String s) 141 { 142 return filter.process(s); 143 } 144 145 /*** 146 * This function can/should be used in any screen that will output 147 * User entered text. This will help prevent users from entering 148 * html (<SCRIPT>) tags that will get executed by the browser. 149 * 150 * @param s The string to prepare. 151 * @return A string with the input already prepared. 152 */ 153 public static String prepareTextMinimum(String s) 154 { 155 return minFilter.process(s); 156 } 157 158 /*** 159 * These attributes are supposed to be the default, but they are 160 * not, at least in ECS 1.2. Include them all just to be safe. 161 * 162 * @return A CharacterFilter to do HTML filtering. 163 */ 164 private static CharacterFilter htmlFilter() 165 { 166 CharacterFilter filter = new CharacterFilter(); 167 filter.addAttribute("\"", Entities.QUOT); 168 filter.addAttribute("'", Entities.LSQUO); 169 filter.addAttribute("&", Entities.AMP); 170 filter.addAttribute("<", Entities.LT); 171 filter.addAttribute(">", Entities.GT); 172 return filter; 173 } 174 175 /* 176 * We would like to filter user entered text that might be 177 * dynamically added, using javascript for example. But we do not 178 * want to filter all the above chars, so we will just disallow 179 * <. 180 * 181 * @return A CharacterFilter to do minimal HTML filtering. 182 */ 183 private static CharacterFilter htmlMinFilter() 184 { 185 CharacterFilter filter = new CharacterFilter(); 186 filter.removeAttribute(">"); 187 filter.removeAttribute("\""); 188 filter.removeAttribute("'"); 189 filter.removeAttribute("&"); 190 filter.addAttribute("<", Entities.LT); 191 return filter; 192 } 193 }

This page was automatically generated by Maven